I have some user information ( with certificate ) ,like
cn = bob, dc= one, dc = two ,dc = org
sn: ..
userCertificate;binary::...
.. : ...
someday , if he would be revoked, should i move it to another entry (
replace a new dn ), like
cn = bob, dc = crl ,dc = two ,dc = org
or maybe I use the same
I try to use openldap in windows xp. there is some implentations of
openldap-win32-2.4.x. I have used every one of them, and openldap for linux
in debian.
the same problem is i can't connect them except the server is in localhost
if my client run at win32, even i try to build my client in openldap
hi,
I have a question. I want to manage some data by OpenLDAP, and I hope show
them by tree structure when I list. So I want to get the DIT structure info
and create the corresponding nodes in my treeview. so , how to do?
gtalk:freeespe...@gmail.com
my env is Debian squeeze, OpenLDAP 2.4.17( from packages.debian.org)
I create an OpenLDAP Server, and try to config N-Wat multi-master, according
to OpenLDAP Admin Guide.
i adding init.ldif file on the server , the following is the content
*dn: cn=config
objectClass: olcGlobal
cn: config
olcServ
gtalk:freeespe...@gmail.com
On Mon, Jun 7, 2010 at 6:09 PM, Buchan Milne wrote:
> On Monday, 7 June 2010 07:10:00 owen nirvana wrote:
> > my env is Debian squeeze, OpenLDAP 2.4.17( from packages.debian.org)
> > I create an OpenLDAP Server, and try to config N-Wat multi-master,
it's openldap-2.4.17 in debian testing
I try to config slapd.conf to use ldap ssl.
TLSCACertificateFile cacert.pem
TLSCertificateFile ldapclient.pem
TLSCertificateKeyFile ldapclientkey.pem
TLSVerifyClient never
I could not start slapd after I config TLS in slapd.conf, error info is
"Main: TLS ini
It seems tls server and client configuration could not work at the same
time.
In Windows, should I rename .ldaprc to ldaprc?
gtalk:freeespe...@gmail.com
It seems pem pass phrase is needed everytime, so I could not make it run
automatic
gtalk:freeespe...@gmail.com
I set tls options to use ldaps.
question 1:
port 389 is opened yet when I scan the LDAP Server by nmap, but I could not
connect it with Apache Directory Studio v1.5.3.
question 2:
Nmap tell me "server still supports SSLv2", but I set TLSCipherSuite is
HIGH:MEDIUM:-SSLv2
question 3:
I try to im
:
>
> On 02/07/2010, at 12:49 PM, owen nirvana wrote:
>
> > I set tls options to use ldaps.
>
> When using TLS you dont need LDAPS, you want to set your systems to
> ldap://ldap.server
>
> >
> > question 1:
> > port 389 is opened yet when I scan the
create a new certificate and key , CN = Administrator, no more verify
failed, but
" ldap_start_tls : Can't Contact LDAP Server(-1)" is repoerted yet, no
addition info
gtalk:freeespe...@gmail.com
On Fri, Jul 2, 2010 at 12:47 PM, owen nirvana wrote:
> thanks
>
> ab
> On 02/07/2010, at 2:51 PM, owen nirvana wrote:
>
> > create a new certificate and key , CN = Administrator, no more verify
> > failed, but
> >
> > " ldap_start_tls : Can't Contact LDAP Server(-1)" is repoerted yet, no
> > addition info
>
; to the server using ldap://ldap.domain.com. It is the cause of most TLS
>> issues.
>>
>> On 02/07/2010, at 2:51 PM, owen nirvana wrote:
>>
>> > create a new certificate and key , CN = Administrator, no more verify
>> > failed, but
>> >
>
ldap for windows is no ldap.conf after installation. I write client TLS
configuation in it. It seems to not work if I put it to OPEN_LDAP_DIR .
gtalk:freeespe...@gmail.com
in slapd.conf, rootdn is described as a root user with unlimited priviledge,
so other users are recommented to use after slapd.conf was finished.
But other users like "cn=replicator" has no corresponding configuration
item, should I write user item into bdb.
gtalk:freeespe...@gmail.com
It seems nothing is provided for operating LDIF. How to implement ldif
export and import with C/C++ in OpenLDAP.
gtalk:freeespe...@gmail.com
syncrepl could copy data between master and slave. However, it happened the
two same LDAP server.
So I need replicate data to superior CA, like the following:
superior CA : dc= ACA,dc=RootCA (ip is 192.168.0.137)
son CA: dc=BCA,dc=ACA,dc=RootCA (ip is 192.168.0.138)
In superior CA , slapd.conf
How to config slapd.conf to replicate between the parent domain(dc=parentCA)
and the child(dc=sonCA,dc=parentCA) domain.
gtalk:freeespe...@gmail.com
nt to replicate the content of what you call the
> parent domain(dc=parentCA) on one server to the child domain on a different
> server?
>
> Regards,
> Torsten
>
> On Fri, 13 Aug 2010 17:11:10 +0800, owen nirvana
> wrote:
> > How to config sla
es have not the same DIT. Maybe syncrepl
could not support it.
gtalk:freeespe...@gmail.com
On Mon, Aug 16, 2010 at 5:14 PM, Marc Patermann <
hans.mo...@ofd-z.niedersachsen.de> wrote:
> Owen,
>
> owen nirvana schrieb am 13.08.2010 20:02 Uhr:
> > I means how to config re
1 descriptor
connection_close: deferring conn=1001 sd=4
daemon: waked
daemon: WSselect: listen=2 active_threads=0 tvp=zero
conn=1001 op=2 do_unbind
daemon: WSselect: listen=3 active_threads=0 tvp=zero
connection_resched: attempting closing conn=1001 sd=4
connection_close: conn=1001 sd=4
daemon
I could not find apis for analysising log.
Thanks for help!
gtalk:freeespe...@gmail.com
> > I could not find apis for analysising log.
> >
> > Thanks for help!
> What kind of log are you referring to?
> syslog, log database or monitor database?
log databasem, the files like log.00x in /var/ldap/
gtalk:freeespe...@gmail.com
I try to access ldap data in C++, and write a small example which open and
close ldap, compiled by g++
error is the following:
error: 'ldap_init' was not decalred in this scope
error: 'ldap_simple_bind_s' was not decalred in this scope
error: 'ldap_unbind' was not decalred in this scope
I have
thanks, I have to these deprecate interfaces because I use cldap in win32.
gtalk:freeespe...@gmail.com
On Mon, Apr 4, 2011 at 5:31 PM, Hallvard B Furuseth <
h.b.furus...@usit.uio.no> wrote:
> owen nirvana writes:
> > error is the following:
> > error: 'ldap_init'
I confuse with the use of ldap_parse_sortresponse_control because there is
no example and document about it. Although it seems like
ldap_parse_sort_control of Novell CLDAP and Mozilla C LDAP, it is wrong if
using it on their way.
the following is my code:
...
LDAPControl *sortctrl = NULL;
26 matches
Mail list logo